New PCQQ Ransomware Threat

computer repairs

What is the PCQQ ransomware?

PCQQ is a file-encrypting ransomware infection that restricts access to data (documents, images, videos) by encrypting files with the “.pcqq” extension. It then attempts to extort money from victims by asking for “ransom”, in the form of Bitcoin cryptocurrency, in exchange for access to data.
 

When you are first infected with the PCQQ ransomware it will scan your computer for images, videos, and important productivity documents and files. When these files are detected, the ransomware will encrypt them and change their extension to “.pcqq”, so that you are no longer able to be open them.

Once the PCQQ ransomware has encrypted the files on your computer, it will display the “_readme.txt” file that contains the ransom note and instructions on how to contact the authors of this ransomware. 

This is the ransom note that the PCQQ ransomware will show to its victims:

_readme.txt:
ATTENTION!
Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-9tWwjPzDLY
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.
To get this software you need write on our e-mail:
helpteam@mail.ch
Reserve e-mail address to contact us:
helpmanager@airmail.cc

How did the PCQQ ransomware get on my computer?

The PCQQ ransomware is distributed via spam email containing infected attachments or by exploiting the operating system and installed programs.

Here’s how the PCQQ ransomware might get on your computer:

  • Cyber-criminals spam out an email, tricking you into believing that it is from a shipping company like DHL or FedEx. The email tells you that they tried to deliver a package to you, but failed for some reason. Either way, you open the attached file (or click on a link inside the email). And with that, your computer is infected with the PCQQ ransomware.
  • The PCQQ ransomware was also observed attacking victims by exploiting vulnerabilities in the program installed on the computer. Commonly exploited software includes the operating system itself, browsers, Microsoft Office, and third-party applications.

CONTACT US FOR SUPPORT

If you find yourself with this nasty malware attack then give us a call on 1300 433 554